sterl/Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cf360234c154a9a03e2fe07e55eb7eaf53b41598
Homelab/services/swarm/traefik/dynamic.yml

124 lines
2.9 KiB
YAML
Raw Blame History

http:
middlewares:
# Middleware to redirect non-www to www (optional, valid for steril.xyz if needed)
# my-www-redirect:
# redirectRegex:
# regex: "^https?://(?:www\\.)?(.+)"
# replacement: "https://www.$${1}"
# Secure Headers Middleware
security-headers:
headers:
customResponseHeaders:
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
server: ""
sslProxyHeaders:
X-Forwarded-Proto: https
referrerPolicy: "same-origin"
hostsProxyHeaders:
- "X-Forwarded-Host"
customRequestHeaders:
X-Forwarded-Proto: "https"
contentTypeNosniff: true
browserXssFilter: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsSeconds: 63072000
stsPreload: true
# Basic Auth Middleware (Example)
# my-basic-auth:
# basicAuth:
# users:
# - "admin:$apr1$..."
tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
routers:
# Pi-hole
pihole:
rule: "Host(`pihole.sterl.xyz`)"
service: pihole
entryPoints:
- websecure
tls:
certResolver: cfresolver
# Pi-hole 2
pihole2:
rule: "Host(`pihole2.sterl.xyz`)"
service: pihole2
entryPoints:
- websecure
tls:
certResolver: cfresolver
# Proxmox (HTTPS)
proxmox:
rule: "Host(`proxmox.sterl.xyz`)"
service: proxmox
entryPoints:
- websecure
tls:
certResolver: cfresolver
# Proxmox Monitor
proxmox-monitor:
rule: "Host(`proxmox-monitor.sterl.xyz`)"
service: proxmox-monitor
entryPoints:
- websecure
tls:
certResolver: cfresolver
# OpenMediaVault (OMV)
omv:
rule: "Host(`omv.sterl.xyz`)"
service: omv
entryPoints:
- websecure
tls:
certResolver: cfresolver
services:
pihole:
loadBalancer:
servers:
- url: "http://192.168.1.196:7300"
pihole2:
loadBalancer:
servers:
- url: "http://192.168.1.245:7300"
proxmox:
loadBalancer:
servers:
# Proxmox typically runs on HTTPS with self-signed certs
- url: "https://192.168.1.57:8006"
serversTransport: "insecureSkipVerify"
proxmox-monitor:
loadBalancer:
servers:
- url: "http://192.168.1.57:8008"
omv:
loadBalancer:
servers:
- url: "http://192.168.1.70:80"
serversTransports:
insecureSkipVerify:
insecureSkipVerify: true
Reference in New Issue View Git Blame Copy Permalink